package com.hoki.zj.hrm.config;

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;

@Configuration
@EnableWebSecurity // 启用认证
public class MyWebSecurityConfig extends WebSecurityConfigurerAdapter {

    // 1.UserDetailService

    // 2.指定密码编码器
    @Bean
    public PasswordEncoder passwordEncoder() {
        // 指定为BCryptPasswordEncoder编码器
        return new BCryptPasswordEncoder();
    }

    // 3.指定一个认证管理器,交给Spring管理
    @Bean
    @Override
    public AuthenticationManager authenticationManagerBean() throws Exception {
        return super.authenticationManagerBean();
    }

    public static void main(String[] args) {
        BCryptPasswordEncoder encoder = new BCryptPasswordEncoder();
        System.out.println(encoder.encode("123456"));
    }


    // 4.授权规则配置
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.authorizeRequests()
                .antMatchers("/**").permitAll()                        // 允许所有请求(测试)
                .and().formLogin()                                                 // 允许表单登录(测试)
                    .successForwardUrl("/loginUser/loginSuccess")                  // 登陆成功跳转
                .and().csrf().disable();                                           // 关闭跨域伪造检查
    }
}
